US 12,229,256 B2
Vulnerability analysis for software products
Nandini Arulmani, Salem (IN); Radha Bhavya Sri Sai Menta, Kuppam (IN); Deeksha Srivastava, Bengaluru (IN); and Palani Raja Zeavelou, Puducherry (IN)
Assigned to Dell Products L.P., Round Rock, TX (US)
Filed by Dell Products L.P., Round Rock, TX (US)
Filed on Oct. 18, 2022, as Appl. No. 17/968,111.
Prior Publication US 2024/0126871 A1, Apr. 18, 2024
Int. Cl. G06F 21/57 (2013.01); G06F 21/55 (2013.01)
CPC G06F 21/554 (2013.01) [G06F 21/552 (2013.01); G06F 21/577 (2013.01)]
20 Claims
18. A method comprising:
analyzing software code of a software product to identify one or more application programming interfaces of one or more software libraries used in the software code of the software product;
determining whether any of the identified one or more application programming interfaces of the one or more software libraries used in the software code of the software product correspond to any application programming interfaces of one or more software libraries having reported vulnerabilities;
responsive to determining that at least one of the identified one or more application programming interfaces of the one or more software libraries used in the software code of the software product correspond to at least one of the application programming interfaces of the one or more software libraries having reported vulnerabilities, identifying one or more impacted software classes of the software product; and
automating upgrade of the one or more software libraries used in the software code of the software product based at least in part on the identified one or more impacted software classes of the software product;
wherein identifying the one or more impacted software classes of the software product comprises determining that a given one of the identified one or more application programming interfaces of a given one of the one or more software libraries having at least one of the reported vulnerabilities is different than a corresponding application programming interface in a non-vulnerable version of the given software library; and
wherein automating upgrade of the given software library comprises, responsive to determining that the given application programming interface of the given software library having at least one of the reported vulnerabilities is different than the corresponding application programming interface in the non-vulnerable version of the given software library, implementing one or more changes for software code of at least one of the identified one or more impacted software classes of the software product which utilize the given application programming interface of the given software library having at least one of the reported vulnerabilities; and
wherein the method is performed by at least one processing device comprising a processor coupled to a memory.
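As an added illustration, not code from the patent or from Dell, the following Python sketch implements the sequence claim 18 describes: parse the product's source to find which library APIs it calls, match them against a registry of library APIs with reported vulnerabilities, identify the impacted classes by checking whether each matched API differs in the non-vulnerable library version, and emit an upgrade plan that bumps the dependency and lists the class-level code changes where the API signature changed. The library names, versions, API names, dependency manifest and product source below are all constructed for the example; the registry stands in for whatever vulnerability feed a real tool would consult.

```python
"""Toy implementation of the claimed workflow (added example, not the patent's code)."""
import ast
from dataclasses import dataclass, field

# Constructed registry: library -> vulnerable versions, fixed version, and for each
# affected API its parameter list in the vulnerable and in the fixed release.
VULN_REGISTRY = {
    "fastxml": {                      # hypothetical library name
        "vulnerable": {"1.0", "1.1"},
        "fixed": "1.2",
        "apis": {
            "parse": {"vuln_params": ["data"], "fixed_params": ["data", "resolve_entities"]},
            "escape": {"vuln_params": ["text"], "fixed_params": ["text"]},
        },
    },
}

# Constructed dependency manifest of the product under analysis.
PRODUCT_DEPENDENCIES = {"fastxml": "1.0", "requests": "2.31"}

# Constructed product source: three classes, one of which calls an API that changed.
PRODUCT_SOURCE = '''
import fastxml
import requests

class ConfigLoader:
    def load(self, blob):
        return fastxml.parse(blob)

class Renderer:
    def render(self, text):
        return fastxml.escape(text)

class Fetcher:
    def get(self, url):
        return requests.get(url)
'''


@dataclass
class ApiUse:
    library: str
    api: str
    cls: str
    line: int


@dataclass
class UpgradePlan:
    library: str
    from_version: str
    to_version: str
    affected_classes: list = field(default_factory=list)  # classes calling a vulnerable API
    impacted_classes: list = field(default_factory=list)  # subset whose API changed in the fix
    code_changes: list = field(default_factory=list)      # (class, api, line, old_params, new_params)


class ApiUseCollector(ast.NodeVisitor):
    """Record `module.attr(...)` calls together with the enclosing class name."""

    def __init__(self):
        self.modules = set()
        self.uses = []
        self.current_class = "<module>"

    def visit_Import(self, node):
        for alias in node.names:
            self.modules.add(alias.asname or alias.name)

    def visit_ClassDef(self, node):
        previous, self.current_class = self.current_class, node.name
        self.generic_visit(node)
        self.current_class = previous

    def visit_Call(self, node):
        f = node.func
        if isinstance(f, ast.Attribute) and isinstance(f.value, ast.Name) and f.value.id in self.modules:
            self.uses.append(ApiUse(f.value.id, f.attr, self.current_class, node.lineno))
        self.generic_visit(node)


def find_api_uses(source):
    """Step 1 of the claim: identify the library APIs used in the software code."""
    collector = ApiUseCollector()
    collector.visit(ast.parse(source))
    return collector.uses


def plan_upgrades(source, dependencies, registry):
    """Steps 2-4: match against reported vulnerabilities, find impacted classes, plan the upgrade."""
    plans = {}
    for use in find_api_uses(source):
        entry = registry.get(use.library)
        version = dependencies.get(use.library)
        if not entry or version not in entry["vulnerable"] or use.api not in entry["apis"]:
            continue  # library not vulnerable, or this API is not one with a reported issue
        plan = plans.setdefault(use.library, UpgradePlan(use.library, version, entry["fixed"]))
        if use.cls not in plan.affected_classes:
            plan.affected_classes.append(use.cls)
        sig = entry["apis"][use.api]
        if sig["vuln_params"] != sig["fixed_params"]:
            # The API differs in the non-vulnerable version: a plain version bump is not
            # enough, so the calling class needs a code change as well.
            if use.cls not in plan.impacted_classes:
                plan.impacted_classes.append(use.cls)
            plan.code_changes.append((use.cls, use.api, use.line, sig["vuln_params"], sig["fixed_params"]))
    return plans


if __name__ == "__main__":
    for plan in plan_upgrades(PRODUCT_SOURCE, PRODUCT_DEPENDENCIES, VULN_REGISTRY).values():
        print(f"{plan.library}: upgrade {plan.from_version} -> {plan.to_version}")
        print("  affected classes:", plan.affected_classes)
        for cls, api, line, old, new in plan.code_changes:
            print(f"  change {cls}.{api} at line {line}: {old} -> {new}")
```

The distinction the plan draws is the one the claim turns on: `Renderer` calls a vulnerable API whose signature is unchanged in the fixed release, so it is affected but only needs the dependency bump, while `ConfigLoader` calls an API whose parameters changed and is therefore the impacted class whose code the upgrade automation must also edit.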